#78 ApplicationBar Crash

closed
Martin
Components (19)
8
2011-10-11
2011-08-29
No

The SharpEnviro site's down, so I'm posting here an update to some notes I've been compiling regarding a crashing toolbar that features an ApplicationBar module. I'm now certain of the cause of the crash and can duplicate it at will:

* The crash definitely happens in FireFox when I change pages to one that has a *huge* number of characters in the page ttitle. FF uses the page title as the caption, so what's happening is that the ApplicationBar module is crashing when it retrieves an application caption that has a large number of characters in it. Buffer overflow anyone?

The crash happens on my computer often because my bug tracker (Roundup) uses the text of the currently-viewed bug report as the page title, so stack traces and whatnot included as part of a bug report make FireFox's application title very wide. I'm sure you can duplicate the problem in Delphi by creating a little program that sets Application.Title = to a large string.

Discussion

  • Erik Knowles

    Erik Knowles - 2011-08-29

    Definitely confirmed. Create a new Delphi project, double-click on the created form to add a FormCreate method, and put the following line in the auto-generated method declaration:

    Application.Title := StringOfChar('A',10000)

    Running the application will consistently crash the toolbar that holds the ApplicationBar module.

     
  • Erik Knowles

    Erik Knowles - 2011-08-29
    • priority: 5 --> 8
     
  • Erik Knowles

    Erik Knowles - 2011-08-29

    Whoops, sorry, I meant "Task" module when I referred to the "ApplicationBar" module

     
  • Erik Knowles

    Erik Knowles - 2011-08-29

    As another example, visiting the page below will crash the SharpBar when visited using FireFox (Internet Explorer truncates the HTML page title and so does not cause the crash):

    http://geosystemsoftware.com/erik/sharpcrash.html

    This may be remotely exploitable to give at least user-level access by crafting a web page that includes exploit code in the page title.

     
  • Erik Knowles

    Erik Knowles - 2011-10-11
    • status: open --> closed
     
  • Erik Knowles

    Erik Knowles - 2011-10-11

    RC3 corrects the error.

     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks